More tools

  • JSONBee - A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.

  • CyberChef - The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

  • -

  • bountyplz - Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)

  • PayloadsAllTheThings - A list of useful payloads and bypass for Web Application Security and Pentest/CTF

  • bounty-targets-data - This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

  • android-security-awesome - A collection of android security related resources

  • awesome-mobile-security - An effort to build a single place for all useful android and iOS security related stuff.

  • awesome-vulnerable-apps - Awesome Vulnerable Applications

  • XFFenum - X-Forwarded-For [403 forbidden] enumeration

  • httpx - httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.

PreviousVulnerability ScannersNextASVS Application Security Verification Standard

Last updated